Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/1-5RHclxPdrtdCH7FaUZiq_G_yX4.roa
File: 1-5RHclxPdrtdCH7FaUZiq_G_yX4.roa (raw, json)
Hash identifier: NAqCaEEiQSsoL4KGKbvie1Yk7VpADJneU0Gt7Sgm2ps=
Subject key identifier: FB:94:47:72:5C:4F:76:BB:5D:08:7E:C5:69:46:62:AB:F1:BF:C9:7E
Certificate issuer: /CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Certificate serial: 0189F427CF7F9040ADF003964412DA4D1358
Authority key identifier: 2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/1-5RHclxPdrtdCH7FaUZiq_G_yX4.roa
Signing time: Mon 14 Aug 2023 13:06:36 +0000
ROA not before: Mon 14 Aug 2023 13:06:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38963
IP address blocks: 46.236.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:27:cf:7f:90:40:ad:f0:03:96:44:12:da:4d:13:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Validity
Not Before: Aug 14 13:06:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb9447725c4f76bb5d087ec5694662abf1bfc97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:81:a2:28:84:50:12:aa:10:e7:eb:b1:7f:
45:a8:91:92:d6:8c:51:5c:ed:db:2a:4f:f1:9d:f8:
31:ec:3e:79:8c:ce:da:fa:f2:62:40:b0:e5:5b:a9:
fe:60:a8:5b:05:1b:3c:d6:f3:02:05:e4:3d:b2:7c:
f9:f7:01:06:48:0f:29:8e:e1:4c:76:6f:c8:82:f9:
80:27:8a:02:10:2f:66:ae:41:67:31:16:5c:91:87:
9e:f7:27:04:3d:e5:f5:c4:eb:91:ec:71:9b:69:7c:
19:31:28:d1:9a:7d:44:6f:6b:30:b5:43:18:1d:d9:
82:62:46:72:9b:fb:fd:9e:24:63:e5:97:2d:77:63:
e4:0c:83:f7:9d:f8:3f:05:dc:03:2a:77:65:c6:ce:
24:1e:76:cf:ab:10:64:e4:b2:b9:c3:20:8d:88:54:
a5:20:0b:d1:22:be:75:ff:b2:46:77:14:e1:a1:6d:
63:a6:17:9b:e5:6a:f1:ba:25:bf:af:ca:aa:aa:02:
8b:17:ef:e9:43:69:5a:3d:7a:b4:97:94:0c:6f:ca:
77:c3:71:7b:28:41:70:ce:72:84:f4:3c:04:fe:3e:
47:c7:85:51:97:77:6c:92:1c:84:58:5d:2e:3f:9c:
f8:b7:eb:72:35:37:04:eb:ab:f7:51:ec:2f:bc:7a:
13:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:94:47:72:5C:4F:76:BB:5D:08:7E:C5:69:46:62:AB:F1:BF:C9:7E
X509v3 Authority Key Identifier:
keyid:2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/1-5RHclxPdrtdCH7FaUZiq_G_yX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:4f:74:27:d5:08:0a:c1:7e:10:8f:90:1e:15:53:a4:b0:9d:
8d:c0:a7:83:d3:ad:89:6a:1a:88:d9:a3:07:d0:4f:87:07:be:
f4:9d:41:54:21:85:62:6f:78:93:97:75:e4:e8:fc:0b:4c:82:
74:24:d3:e8:c0:f4:b3:d0:9c:fb:07:2e:e7:85:56:25:4f:bb:
a5:6d:ed:cb:d7:3c:30:bc:bb:f3:0b:7f:16:c9:db:ac:5e:26:
0c:22:f7:1a:c3:35:5c:19:cc:7c:72:78:3d:62:43:5e:fe:20:
5e:10:14:7d:a1:bb:36:e2:e0:a9:20:d5:9b:e3:99:4f:eb:a5:
dd:e1:54:0a:0e:d6:3f:ad:75:b4:ac:aa:8b:75:2b:73:fb:a6:
1d:cb:84:06:27:1e:9f:60:2a:62:b7:b5:d4:11:43:16:b0:2b:
8a:d7:25:41:37:8e:7e:8c:d7:89:81:fd:c7:25:fa:62:60:a5:
90:93:79:f2:db:68:24:4f:9d:9f:dd:6d:7e:85:32:df:96:75:
ea:3e:3b:fc:82:dc:0b:fc:10:4b:05:d5:e9:a3:28:79:56:14:
89:5e:45:e8:40:6d:67:1d:a9:1e:d2:84:7d:37:82:f9:5f:1f:
6e:28:32:f7:02:f6:19:d4:a7:b9:40:9b:c6:51:14:74:9d:ac:
4c:3b:fc:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYn0J89/kECt8AOWRBLaTRNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZTUzZDM0MGE4YmY0N2MxYmYzNGQzMjU1ZTEwMmVmYjE4
MWFkMTkwHhcNMjMwODE0MTMwNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjk0NDc3MjVjNGY3NmJiNWQwODdlYzU2OTQ2NjJhYmYxYmZjOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwWBoiiEUBKqEOfrsX9FqJGS1oxR
XO3bKk/xnfgx7D55jM7a+vJiQLDlW6n+YKhbBRs81vMCBeQ9snz59wEGSA8pjuFM
dm/IgvmAJ4oCEC9mrkFnMRZckYee9ycEPeX1xOuR7HGbaXwZMSjRmn1Eb2swtUMY
HdmCYkZym/v9niRj5Zctd2PkDIP3nfg/BdwDKndlxs4kHnbPqxBk5LK5wyCNiFSl
IAvRIr51/7JGdxThoW1jpheb5WrxuiW/r8qqqgKLF+/pQ2laPXq0l5QMb8p3w3F7
KEFwznKE9DwE/j5Hx4VRl3dskhyEWF0uP5z4t+tyNTcE66v3UewvvHoTAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuUR3JcT3a7XQh+xWlGYqvxv8l+MB8GA1UdIwQY
MBaAFCvlPTQKi/R8G/NNMlXhAu+xga0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEt
NzRmMGMzZTY2M2NiLzEvMS01UkhjbHhQZHJ0ZENIN0ZhVVppcV9HX3lYNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTcvZjcyNTYyLTQ1ZjUtNDAxOS04M2ExLTc0ZjBjM2U2NjNj
Yi8xL0stVTlOQXFMOUh3YjgwMHlWZUVDNzdHQnJSay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC7sPzAN
BgkqhkiG9w0BAQsFAAOCAQEAfU90J9UICsF+EI+QHhVTpLCdjcCng9OtiWoaiNmj
B9BPhwe+9J1BVCGFYm94k5d15Oj8C0yCdCTT6MD0s9Cc+wcu54VWJU+7pW3ty9c8
MLy78wt/FsnbrF4mDCL3GsM1XBnMfHJ4PWJDXv4gXhAUfaG7NuLgqSDVm+OZT+ul
3eFUCg7WP611tKyqi3Urc/umHcuEBicen2AqYre11BFDFrAritclQTeOfozXiYH9
xyX6YmClkJN58ttoJE+dn91tfoUy35Z16j47/ILcC/wQSwXV6aMoeVYUiV5F6EBt
Zx2pHtKEfTeC+V8fbigy9wL2GdSnuUCbxlEUdJ2sTDv84g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:55 2024 by rpki-client on console-fra.rpki-client.org